[ https://jira.jboss.org/jira/browse/DNA-399?page=com.atlassian.jira.plugin... ] Brian Carothers updated DNA-399: -------------------------------- Attachment: DNA-399.patch Applied attached patch that adds permission checks to item reads, item removes, property modification and node addition calls and adds a new test case that extends the JR TCK framework, and adds a new workspace in RepositoryStubImpl creatively named 'otherWorkspace'; Adding the extra workspace will cause some false regressions in the nightly TCK run as it enables 3 cloning tests that silently passed when there was only one workspace in the repository. I will leave this defect open for a few days (and probably post a forum topic) to try to get some feedback on if this is sufficient security for the 1.0 release. I am curious whether there is any interest in being able to assign roles on a per repository and workspace basis in the case of multiple repositories feeding from a single JAAS source, if there is interest in adding an admin role that is required for type and namespace registration, or any other needed enhancements. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ https://jira.jboss.org/jira/browse/DNA-399?page=com.atlassian.jira.plugin... ] Brian Carothers resolved DNA-399. --------------------------------- Resolution: Done Assignee: Brian Carothers Applied DNA-399_forum_feedback.patch to complete defect resolution. Any additional feedback can be incorporated into a separate issue. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira